[squid-users] squid and netdata causes squid to drop SYN?

Alex Rousskov rousskov at measurement-factory.com
Tue Jan 21 15:39:03 UTC 2020

On 1/20/20 11:28 PM, Amish wrote:

> 2) Is calling squidclient so frequently a right thing to do by netdata?

The answer depends on what cache manager query (or queries) your netdata
is sending to Squid. Sending some queries every second is perfectly
fine, but there are other, "heavy" queries that should not be sent so
often and could, if sent with a high enough concurrency level,
effectively DoS a Squid instance. For example, queries that require
iterating all cached objects should not be sent to busy Squids.

If netdata does not document the queries it uses, you can probably use
Squid access.log to figure out what queries netdata is sending (and how
long they take).

N.B. If netdata is killing the previous query when starting a new
would-be-concurrent query, then there should be no DoS conditions -- a
single "heavy" query may slow Squid down a bit but should not stall the
whole Squid instance. Thus, if netdata ensures that the number of
concurrent cache manager queries is small, then there may be a Squid bug
related to terminating an aborted query. Otherwise, one could argue that
the lack of concurrency controls is a netdata bug.

As Matus UHLAR has said, SNMP is a viable alternative to cache manager
queries, but please keep in mind that the two interfaces provide access
to only partially overlapping measurement sets, and that Squid SNMP code
is neglected even more than Squid cache manager code. Pick your poison.
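
Added example, not part of the original message: one way to do the
access.log check suggested above, reporting per cache manager action how
often it is requested, how long it takes, and how many requests overlap.
It assumes Squid's default "squid" logformat, that cache manager requests
are logged as cache_object:// URLs or /squid-internal-mgr/ paths, and
that the timestamp marks the end of the transaction; the sample lines
are constructed.

```python
import re
from collections import defaultdict

# Assumed default "squid" logformat: time elapsed_ms client action/code
# bytes method URL ...; cache manager requests assumed to appear as
# cache_object:// URLs or /squid-internal-mgr/ paths.
MGR_RE = re.compile(r"(?:^cache_object://[^/]+/|/squid-internal-mgr/)([^?@\s]*)")

# Constructed sample lines, not taken from a real log.
SAMPLE_LOG = """\
1579620001.120      3 127.0.0.1 TCP_MISS/200 4512 GET cache_object://localhost/counters - HIER_NONE/- text/plain
1579620002.118      2 127.0.0.1 TCP_MISS/200 4512 GET cache_object://localhost/counters - HIER_NONE/- text/plain
1579620002.500    210 10.0.0.7 TCP_MISS/200 18230 GET http://example.com/ - HIER_DIRECT/93.184.216.34 text/html
1579620009.900   7800 127.0.0.1 TCP_MISS/200 9912345 GET cache_object://localhost/objects - HIER_NONE/- text/plain
1579620010.400   7300 127.0.0.1 TCP_MISS_ABORTED/200 1200000 GET cache_object://localhost/objects - HIER_NONE/- text/plain
"""

def mgr_queries(lines):
    """Yield (start, end, action, client) for each cache manager request."""
    for line in lines:
        f = line.split()
        if len(f) < 7:
            continue
        m = MGR_RE.search(f[6])
        if not m:
            continue
        end = float(f[0])              # assumed: logged at completion
        start = end - int(f[1]) / 1000.0
        yield start, end, m.group(1) or "menu", f[2]

def summarize(lines):
    """Per action: request count, worst elapsed seconds, peak concurrency."""
    stats = defaultdict(lambda: {"count": 0, "max_s": 0.0, "peak": 0})
    events = defaultdict(list)
    for start, end, action, _client in mgr_queries(lines):
        s = stats[action]
        s["count"] += 1
        s["max_s"] = max(s["max_s"], round(end - start, 3))
        events[action] += [(start, 1), (end, -1)]
    for action, ev in events.items():
        live = 0
        for _t, delta in sorted(ev):   # ends sort before starts at equal time
            live += delta
            stats[action]["peak"] = max(stats[action]["peak"], live)
    return dict(stats)

if __name__ == "__main__":
    for action, s in sorted(summarize(SAMPLE_LOG.splitlines()).items()):
        print(f"{action:10s} n={s['count']} max={s['max_s']}s peak={s['peak']}")
```

An action with a long elapsed time and a peak above 1 is the "heavy"
query sent concurrently; a peak of 1 with long elapsed times points at a
single slow query instead.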



